Addressing threats to health care's core values, especially those stemming from concentration and abuse of power. Advocating for accountability, integrity, transparency, honesty and ethics in leadership and governance of health care.

Hackers in Europe and China successfully broke into computers at nearly 2,500 companies and government agencies over the last 18 months in a coordinated global attack that exposed vast amounts of personal and corporate secrets to theft, according to a computer-security company that discovered the breach.

The damage from the latest cyberattack is still being assessed, and affected companies are still being notified. But data compiled by NetWitness, the closely held firm that discovered the breaches, showed that hackers gained access to a wide array of data at 2,411 companies, from credit-card transactions to intellectual property.

One can only imagine how internet-connected hospitals, generally an IT backwater, might fare under such an onslaught.

... In more than 100 cases, the hackers gained access to corporate servers that store large quantities of business data, such as company files, databases and email.

They also broke into computers at 10 U.S. government agencies. In one case, they obtained the user name and password of a soldier's military email account, NetWitness found. A Pentagon spokesman said the military didn't comment on specific threats or intrusions.

At one company, the hackers gained access to a corporate server used for processing online credit-card payments. At others, stolen passwords provided access to computers used to store and swap proprietary corporate documents, presentations, contracts and even upcoming versions of software products, NetWitness said.

Data stolen from another U.S. company pointed to an employee's apparent involvement in criminal activities; authorities have been called in to investigate, NetWitness said. Criminal groups have used such information to extort sensitive information from employees in the past.

Read the while article. These breaches are an unpleasant reality in 2010, but what's worse is there really are no solid metrics for the true extent of this 'disease.'

Perhaps future Internet technologies will reduce or eliminate the problem, as one reader suggested in a comment to my aforementioned post. I do not believe, however, that patients and their medical records should be used as guinea pigs until those new networking and security technologies are widely deployed and well-proven.

In effect, this is probably not a good time for actual records-level interoperability to be deployed in any manner other than in consideration of a future strategy. Operationalizing that strategy should probably await a time when the "digital ether" in which the data resides and moves is more mature, unless proprietary networks and technology are to be used and without connection to the Internet. Planning data-level compatibility between systems, on the other hand, is work that should continue.

Finally, the layoffs and staffing levels in today's IT departments (at both vendor and user shops), plus the outsourcing of critical IT functions to overseas contractors where workers' loyalty to the primary firm is questionable at best, may be a contributing factor to the nakedness of corporate America's information systems.

Contributors

Contact Us

Email: info at firmfound dot org
or go to the web-site for FIRM - the Foundation for Integrity and Responsibility in Medicine

More About FIRM and Health Care Renewal

FIRM - the Foundation for Integrity and Responsibility in Medicine is a 501(c)3 that researches problems with leadership and governance in health care that threaten core values, and disseminates our findings to physicians, health care researchers and policy-makers, and the public at large. FIRM advocates representative, transparent, accountable and ethical health care governance, and hopes to empower health care professionals and patients to promote better health care leadership.

FIRM depends on contributions from individuals and non-profit organizations. FIRM does not accept any direct support from for-profit health care corporations.

FIRM welcomes support from individuals and non-profit organizations. If you are interested in donating to FIRM, please email info at firmfound dot org, snail mail us at 16 Cutler St, Suite 104, Warren, RI, 02885, USA, or see our web-site.

Upcoming Meetings and Events

Subscribe To Health Care Renewal

Policies: Blog Roll and Comments

Our blogroll is meant to include blogs that provide interesting content relevant to what we write. It is not an endorsement in any way of any specific blog.

We accept comments, especially from registered Blogger users. If you do not wish to register with Blogger, we will accept anonymous comments, although prefer that they contain identification of the commenter.

We encourage thoughtful comments relevant to the issues brought up by the posts on Health Care Renewal.

All comments are moderated. We will reject spam, profanity, advertising of products or services not directly related to the content of this blog.

We will reject any unsubstantiated accusations or allegations.

Nonetheless, all comments represent only the opinions of those making them. The appearance of comments does not imply endorsement by the Health Care Renewal bloggers.

Please email general comments about the blog, other concerns, or questions to info AT firmfound DOT org